Example: Fugue CI/CD with Regula Pre-deployment Checks

Note

This is part 2 in a series. For part 1, see Example: Fugue CI/CD with Terraform, GitHub, CircleCI.

Note

Fugue’s infrastructure as code (IaC) security features for repository environments are now available in closed beta. Fugue IaC security integrates with Regula to scan code files locally and in CI/CD pipelines. To request access, contact support@fugue.co.

Our example-tf-circleci-part-2 GitHub repo shows you how to add pre-deployment compliance checks to your CI/CD pipeline by integrating Regula with Fugue, Terraform, GitHub, and CircleCI.

As in part 1, the example will deploy infrastructure into your AWS account (see remotestate.tf, main.tf), and it incorporates the following components:

  • Regula (new in Part 2): Evaluate Terraform infrastructure-as-code for compliance

  • Amazon Web Services (AWS): Provide cloud infrastructure (a VPC and security group)

  • Terraform: Define infrastructure as code

  • GitHub: Store infrastructure as code in version control

  • CircleCI: Deploy infrastructure via Terraform and kick off Fugue scan

  • Fugue: Scan infrastructure for any noncompliant resources and set a new baseline

With the addition of Regula, the pipeline demonstrates end-to-end security and compliance. Regula validates resource configuration pre-deployment and Fugue ensures it stays compliant post-deployment.

_images/cicd-2-header.png

Get Started

You’ll find the full walkthrough in the README. All the code you need is in the repo.

Further reading

Don’t forget to visit the example-tf-circleci-part-2 repo, which contains the full walkthrough and all of the code in this example.

If you missed it the first time around, check out Part 1 of this example.

And if you enjoyed this example, you might also like Example: Fugue Notifications in Slack.